{"id":278,"date":"2020-01-22T21:02:27","date_gmt":"2020-01-22T21:02:27","guid":{"rendered":"https:\/\/www.furman.edu\/offices-services\/information-technology-services\/?page_id=278"},"modified":"2021-06-02T13:46:42","modified_gmt":"2021-06-02T13:46:42","slug":"university-contracts","status":"publish","type":"page","link":"https:\/\/www.furman.edu\/offices-services\/information-technology-services\/policies-security\/university-contracts\/","title":{"rendered":"University Contracts"},"content":{"rendered":"<p><a title=\"Purchase or Lease of Information Technology\" href=\"http:\/\/policies.furman.edu\/view.php?policy=470&amp;name=077.3&amp;_ga=2.204360595.2006528889.1579616218-233716474.1579278595\">Furman University Policy 077.3<\/a>\u00a0requires\u00a0all University contracts for information technology hardware, software, or services be approved by the Chief Information Officer. Offices considering information technology hardware, software, or services should consult with Information Technology Services (ITS)<a title=\"ITS Project Process\" href=\"http:\/\/www2.furman.edu\/sites\/ITS\/policies\/Pages\/IT-Services-Project-Management.aspx\">\u00a0before getting to the contract stage<\/a>. ITS can help you determine whether your need can be met by\u00a0<a title=\"ITS Service Catalog\" href=\"http:\/\/www2.furman.edu\/sites\/ITS\/Services\/Pages\/ServiceCatalog.aspx\">existing ITS services<\/a>, or whether an outside service would be a better approach.<\/p>\n<p>The <a href=\"http:\/\/www2.furman.edu\/sites\/ITS\/policies\/Documents\/ITSContractReview.pdf\">Information Technology Services Contract Review Form (pdf)<\/a> should be completed when outside services are needed.<\/p>\n<p>When you need\u00a0to contract for information technology,\u00a0<a title=\"University Purchasing Policy\" href=\"http:\/\/policies.furman.edu\/view.php?policy=454&amp;name=370.1\">University Policy 370.1<\/a>\u00a0designates ITS as the purchasing agent for technology hardware, software, and services. ITS staff review\u00a0contracts to ensure that the solution\u00a0will work with the University technology services, and that the contract terms comply with appropriate University policies and guidelines.<\/p>\n<p>The review process pays particular attention to <strong>legal, privacy\/security, and business<\/strong>\u00a0requirements of the contract:<\/p>\n<p><strong>Legal Terms<\/strong><\/p>\n<ul>\n<li><a href=\"http:\/\/www2.furman.edu\/sites\/ITS\/policies\/Pages\/contracts.aspx#law\">Governing law<\/a><\/li>\n<li><a href=\"http:\/\/www2.furman.edu\/sites\/ITS\/policies\/Pages\/contracts.aspx#writing\">Terms in Writing<\/a><\/li>\n<li><a href=\"http:\/\/www2.furman.edu\/sites\/ITS\/policies\/Pages\/contracts.aspx#recip\">Reciprocity<\/a><\/li>\n<li><a href=\"http:\/\/www2.furman.edu\/sites\/ITS\/policies\/Pages\/contracts.aspx#term\">Termination &amp; renewal<\/a><\/li>\n<\/ul>\n<p><strong>Privacy\/security<\/strong><\/p>\n<ul>\n<li><a href=\"http:\/\/www2.furman.edu\/sites\/ITS\/policies\/Pages\/contracts.aspx#privacy\">Privacy and security<\/a><\/li>\n<li><a href=\"http:\/\/www2.furman.edu\/sites\/ITS\/policies\/Pages\/contracts.aspx#sso\">Single Sign-On<\/a><\/li>\n<li><a href=\"http:\/\/www2.furman.edu\/sites\/ITS\/policies\/Pages\/contracts.aspx#net\">Access to Furman&#8217;s Network<\/a><\/li>\n<\/ul>\n<p><strong>Business<\/strong><\/p>\n<ul>\n<li><a href=\"http:\/\/www2.furman.edu\/sites\/ITS\/policies\/Pages\/contracts.aspx#SOW\">Clear Statement of Work<\/a><\/li>\n<li><a href=\"http:\/\/www2.furman.edu\/sites\/ITS\/policies\/Pages\/contracts.aspx#cap\">Cap on annual increases<\/a><\/li>\n<li><a href=\"http:\/\/www2.furman.edu\/sites\/ITS\/policies\/Pages\/contracts.aspx#sla\">Service levels<\/a><\/li>\n<li><a href=\"http:\/\/www2.furman.edu\/sites\/ITS\/policies\/Pages\/contracts.aspx#bid\">Bid process<\/a><\/li>\n<li><a href=\"http:\/\/www2.furman.edu\/sites\/ITS\/policies\/Pages\/contracts.aspx#budget\">Budget Office approval<\/a><\/li>\n<\/ul>\n<p>Additional explanations, and sample terms, are listed below. All items may not be appropriate for all contracts, but are expected for most contracts.<\/p>\n<p>&nbsp;<\/p>\n<p><a id=\"law\" name=\"law\"><\/a><strong>Governing Law<\/strong>: All contracts include a clause that says under which state&#8217;s governing laws apply to the contract. This should always be South Carolina.<\/p>\n<p><a id=\"Writing\" name=\"Writing\"><\/a><strong>Terms in Writing<\/strong>: The University requires that allcontract terms be included within the written contract. Terms incorporated by a web link are not acceptable.<\/p>\n<p><a id=\"recip\" name=\"recip\"><\/a><strong>Reciprocity of terms<\/strong>: Contracts are typically written by vendors to protect themselves. Consequently, the contract may contain clauses that gives the vendor some benefit. If a clause in a contract gives the vendor a benefit, then we expect the contract to also allow Furman to receive a corresponding benefit.An example of a reciprocity term is indemnity. If the vendor asks Furman to indemnify them against certain risks, we also ask them to indemnify Furman (typically around things like intellectual property disputes.) Another term to be careful about are disclaimers. We want the vendor to stand behind the product or service they are selling. We have had some success getting vendors to modify their disclaimers to better protect the University.<\/p>\n<p><a id=\"term\" name=\"term\"><\/a><strong>Termination &amp; renewal<\/strong>\u00a0The termination clause of a contract should allow either party to terminate the contract without cause by providing written notice. This type of termination is usually valid within a given number of days of the other party receiving the notice. The termination term must be reasonable and fair to both parties. At the end of the contract involving Furman data, we want to be sure we get our data back, in a format we can use. There should not be a charge for getting our data back.<\/p>\n<p><a id=\"privacy\" name=\"privacy\"><\/a><strong>Privacy and security<\/strong>: Furman is beginning to contract for many technology\u00a0services hosted off site, and many of these services store University\u00a0data on their systems. University data needs to be protected, and comply with expectations outlined in\u00a0<a title=\"Organizational Security and Data Classification\" href=\"http:\/\/policies.furman.edu\/view.php?policy=632&amp;name=071.11\">University policy 071.11<\/a>. If student data is involved then we need additional assurances that the vendor complies with FERPA regulations. The contract needs to state that the vendors systems are regularly audited by a 3<sup>rd<\/sup>\u00a0party. That the auditors report is available to Furman and that the vendor has responded successfully to anything found in such an audit. Here is an example of such privacy language from a recent contract:<\/p>\n<blockquote>\n<blockquote><p><em>\u201cVendor and Furman agree that student and prospective student records, information, and data are confidential, regardless of whether they are designated as confidential in writing. Vendor further agrees to abide by all requirements of the Family Education Rights and Privacy Act (\u201cFERPA\u201d) with respect to all such student and prospective student records, information, and data. Vendor agrees to accept all financial responsibility for any data breach of its systems related to Furman data and will notify Furman University of such a breach within 24 hours of discovering said breach. Furthermore, vendor will provide upon request evidence of having had a party security audit conducted by a 3rd party within the past year. Vendor will also provide evidence of having successfully satisfied all findings from said security audit.\u201d<\/em><\/p><\/blockquote>\n<\/blockquote>\n<p>Contracts may also require insurance and other compliance terms, especially if the contract involves health or credit card data. In addition, ITS may ask to see evidence of appropriate backup and recovery processes, as well as provisions for data encryption and other relevant security methods.<\/p>\n<p><a id=\"sso\" name=\"cap\"><\/a><strong>Single Sign-On<\/strong>: Service contracts that require a student, faculty, or staff login must work with the University&#8217;s NetID and support one of our secure single sign-on methods. Vendors that use our single sign-on never see Furman passwords. If the vendor is breached, our single sign-on passwords are not compromised.<\/p>\n<p><a id=\"net\" name=\"net\"><\/a><strong>Access to Furman&#8217;s Network<\/strong>: Any contract that allows a vendor to access Furman&#8217;s campus network must include Furman&#8217;s\u00a0<b>network access terms<\/b>.<\/p>\n<p><a id=\"SOW\" name=\"SOW\"><\/a><strong>Statement of Work<\/strong>: The contract should include a Statement of Work. The statement of work needs to identify what each party expects from the contract. When can we expect things to happen? Are we getting a license to use software? If they\u2019re creating something for Furman is it a \u201cwork for hire\u201d that we will own the rights to? What other work do we need to do that will add costs? What measures will be use to demonstrate success beyond getting the solution started? Contracts\u00a0typically reference, or include, payment schedules within a Statement of Work. Scheduled payment should be after we accept the work as complete.<\/p>\n<p><a id=\"cap\" name=\"cap\"><\/a><strong>Cap on increases<\/strong>: Service contracts may be renewable, but\u00a0there needs to be a caps on future price increases. For example, if there are\u00a0annual maintenance fees, the contract needs to include a reasonable cap limiting how much these increases can be. We prefer that such increases be not more than 3% per year.<\/p>\n<p><a id=\"sla\" name=\"sla\"><\/a><strong>Service levels<\/strong>: We require a service level agreement (SLA) for all contracts for services that are hosted offsite. This is to insure that we are not paying for a service when it\u00a0is not available. We generally are looking for a 99.9% uptime with some type of refund structure if that level is not met.\u00a0<a href=\"http:\/\/www2.furman.edu\/sites\/ITS\/policies\/Documents\/SLA%20example.pdf\">Here is a pdf example of a representative SLA.<\/a><\/p>\n<p><a id=\"bid\" name=\"bid\"><\/a><strong>Bid Process<\/strong>:\u00a0<a class=\"ApplyClass\" title=\"Purchasing Policies and Procedures\" href=\"http:\/\/policies.furman.edu\/view.php?policy=455&amp;name=370.2\">University policy 370.2<\/a>\u00a0requires that contracts valued at $5000 or more need three competitive quotes, or provide documentation explaining why it was impossible to get three quotes. For contracts valued at more than $10,000 we need three formal competitive written quotations, and unsuccessful bidders must be notified of Furman&#8217;s decision.<\/p>\n<p><a id=\"budget\" name=\"budget\"><\/a><strong>Budget Office approval<\/strong>: Information Technology Services will check with the budget office to ensure there is adequate funding.<\/p>\n<p>&nbsp;<\/p>\n<p>If you have questions about a contract for information technology, please\u00a0<a class=\"ApplyClass\" title=\"The ITS Help Desk\" href=\"http:\/\/www2.furman.edu\/sites\/ITS\/Services\/Pages\/IT%20Service%20Center.aspx\">contact the IT Service Center<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Furman University Policy 077.3\u00a0requires\u00a0all University contracts for information technology hardware, software, or services be approved by the Chief Information Officer. Offices considering information technology hardware, software, or services should consult with Information Technology Services (ITS)\u00a0before getting to the contract stage. ITS can help you determine whether your need can be met by\u00a0existing ITS services, or [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"parent":89,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"class_list":["post-278","page","type-page","status-publish","hentry"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.furman.edu\/offices-services\/information-technology-services\/wp-json\/wp\/v2\/pages\/278","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.furman.edu\/offices-services\/information-technology-services\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.furman.edu\/offices-services\/information-technology-services\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.furman.edu\/offices-services\/information-technology-services\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.furman.edu\/offices-services\/information-technology-services\/wp-json\/wp\/v2\/comments?post=278"}],"version-history":[{"count":0,"href":"https:\/\/www.furman.edu\/offices-services\/information-technology-services\/wp-json\/wp\/v2\/pages\/278\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/www.furman.edu\/offices-services\/information-technology-services\/wp-json\/wp\/v2\/pages\/89"}],"wp:attachment":[{"href":"https:\/\/www.furman.edu\/offices-services\/information-technology-services\/wp-json\/wp\/v2\/media?parent=278"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}